qontract-reconcile 0.10.2.dev394__py3-none-any.whl → 0.10.2.dev414__py3-none-any.whl

reconcile/terraform_repo.py

@@ -41,10 +41,10 @@ class RepoOutput(BaseModel):
     project_path: str
     delete: bool
     aws_creds: VaultSecret
-    variables: TerraformRepoVariablesV1 | None
-    bucket: str | None
-    region: str | None
-    bucket_path: str | None
+    variables: TerraformRepoVariablesV1 | None = None
+    bucket: str | None = None
+    region: str | None = None
+    bucket_path: str | None = None
     require_fips: bool
     tf_version: str
 
@@ -62,8 +62,8 @@ class OutputFile(BaseModel):
 class TerraformRepoIntegrationParams(PydanticRunParams):
     output_file: str | None
     validate_git: bool
-    gitlab_project_id: str | None
-    gitlab_merge_request_id: int | None
+    gitlab_project_id: str | None = None
+    gitlab_merge_request_id: int | None = None
 
 
 class TerraformRepoIntegration(
@@ -168,7 +168,7 @@ class TerraformRepoIntegration(
                     self.params.output_file, "w", encoding="locale"
                 ) as output_file:
                     yaml.safe_dump(
-                        data=output.dict(),
+                        data=output.model_dump(),
                         stream=output_file,
                         explicit_start=True,
                     )
@@ -177,7 +177,7 @@ class TerraformRepoIntegration(
                     f"Unable to write to '{self.params.output_file}'"
                 ) from None
         else:
-            print(yaml.safe_dump(data=output.dict(), explicit_start=True))
+            print(yaml.safe_dump(data=output.model_dump(), explicit_start=True))
 
         return output
 
@@ -206,7 +206,7 @@ class TerraformRepoIntegration(
         keys = state.ls()
         for key in keys:
             if value := state.get(key.lstrip("/"), None):
-                repo = TerraformRepoV1.parse_obj(value)
+                repo = TerraformRepoV1.model_validate(value)
                 repo_list.append(repo)
 
         return repo_list
@@ -283,7 +283,7 @@ class TerraformRepoIntegration(
             for add_key, add_val in diff_result.add.items():
                 # state.add already performs a json.dumps(key) so we export the
                 # pydantic model as a dict to avoid a double json dump with extra quotes
-                state.add(add_key, add_val.dict(by_alias=True), force=True)
+                state.add(add_key, add_val.model_dump(by_alias=True), force=True)
             for delete_key in diff_result.delete:
                 state.rm(delete_key)
             for change_key, change_val in diff_result.change.items():
@@ -291,7 +291,9 @@ class TerraformRepoIntegration(
                     state.rm(change_key)
                 else:
                     state.add(
-                        change_key, change_val.desired.dict(by_alias=True), force=True
+                        change_key,
+                        change_val.desired.model_dump(by_alias=True),
+                        force=True,
                     )
         except KeyError:
             pass
@@ -394,5 +396,7 @@ class TerraformRepoIntegration(
     def early_exit_desired_state(self, *args: Any, **kwargs: Any) -> dict[str, Any]:
         gqlapi = gql.get_api()
         return {
-            "repos": [repo.dict() for repo in self.get_repos(query_func=gqlapi.query)]
+            "repos": [
+                repo.model_dump() for repo in self.get_repos(query_func=gqlapi.query)
+            ]
         }

reconcile/terraform_resources.py

@@ -137,7 +137,7 @@ def fetch_current_state(
         use_jump_host=use_jump_host,
         thread_pool_size=thread_pool_size,
     )
-    namespaces_dicts = [ns.dict(by_alias=True) for ns in namespaces]
+    namespaces_dicts = [ns.model_dump(by_alias=True) for ns in namespaces]
     state_specs = ob.init_specs_to_fetch(
         ri, oc_map, namespaces=namespaces_dicts, override_managed_types=["Secret"]
     )
@@ -273,7 +273,7 @@ def setup(
         )
     else:
         ocm_map = None
-    tf_namespaces_dicts = [ns.dict(by_alias=True) for ns in tf_namespaces]
+    tf_namespaces_dicts = [ns.model_dump(by_alias=True) for ns in tf_namespaces]
 
     provider_exclusions = settings.get("terraformResourcesProviderExclusions") or []
     ts.init_populate_specs(
@@ -295,16 +295,16 @@ def filter_tf_namespaces(
 ) -> list[NamespaceV1]:
     tf_namespaces = []
     for namespace_info in namespaces:
-        if ob.is_namespace_deleted(namespace_info.dict(by_alias=True)):
+        if ob.is_namespace_deleted(namespace_info.model_dump(by_alias=True)):
             continue
-        if not managed_external_resources(namespace_info.dict(by_alias=True)):
+        if not managed_external_resources(namespace_info.model_dump(by_alias=True)):
             continue
 
         if not account_names:
             tf_namespaces.append(namespace_info)
             continue
 
-        specs = get_external_resource_specs(namespace_info.dict(by_alias=True))
+        specs = get_external_resource_specs(namespace_info.model_dump(by_alias=True))
         if not specs:
             tf_namespaces.append(namespace_info)
             continue
@@ -567,7 +567,7 @@ def early_exit_desired_state(*args: Any, **kwargs: Any) -> dict[str, Any]:
     }
     for ns_info in get_tf_namespaces():
         for spec in get_external_resource_specs(
-            ns_info.dict(by_alias=True), provision_provider=PROVIDER_AWS
+            ns_info.model_dump(by_alias=True), provision_provider=PROVIDER_AWS
         ):
             resource_paths = [
                 spec.resource.get("defaults"),

reconcile/terraform_tgw_attachments.py

@@ -69,7 +69,7 @@ class ValidationError(Exception):
 class TGWAccountProviderInfo(BaseModel):
     name: str
     uid: str
-    assume_role: str | None
+    assume_role: str | None = None
     assume_region: str
 
 
@@ -81,10 +81,10 @@ class Requester(BaseModel):
     tgw_id: str
     tgw_arn: str
     region: str
-    routes: list[dict] | None
-    rules: list[dict] | None
-    hostedzones: list[str] | None
-    cidr_block: str | None
+    routes: list[dict] | None = None
+    rules: list[dict] | None = None
+    hostedzones: list[str] | None = None
+    cidr_block: str | None = None
     cidr_blocks: list[str]
     account: TGWAccountProviderInfo
 
@@ -92,11 +92,11 @@ class Requester(BaseModel):
 class Accepter(BaseModel):
     cidr_block: str
     region: str
-    vpc_id: str | None
-    route_table_ids: list[str] | None
-    subnets_id_az: list[dict[str, str]] | None
+    vpc_id: str | None = None
+    route_table_ids: list[str] | None = None
+    subnets_id_az: list[dict[str, str]] | None = None
     account: ClusterAccountProviderInfo
-    api_security_group_id: str | None
+    api_security_group_id: str | None = None
 
 
 class DesiredStateItem(BaseModel):
@@ -193,7 +193,7 @@ def _build_desired_state_tgw_connection(
         yield None
 
     account_tgws = awsapi.get_tgws_details(
-        peer_connection.account.dict(by_alias=True),
+        peer_connection.account.model_dump(by_alias=True),
         cluster_region,
         cluster_cidr_block,
         tags=peer_connection.tags or {},
@@ -275,7 +275,7 @@ def _build_accepter(
     )
     (vpc_id, route_table_ids, subnets_id_az, api_security_group_id) = (
         awsapi.get_cluster_vpc_details(
-            account.dict(by_alias=True),
+            account.model_dump(by_alias=True),
             route_tables=bool(peer_connection.manage_routes),
             subnets=True,
             hcp_vpc_endpoint_sg=allow_hcp_private_api_access,
@@ -318,12 +318,12 @@ def _build_ocm_map(
     clusters: Iterable[ClusterV1],
     vault_settings: AppInterfaceSettingsV1,
 ) -> OCMMap | None:
-    ocm_clusters = [c.dict(by_alias=True) for c in clusters if c.ocm]
+    ocm_clusters = [c.model_dump(by_alias=True) for c in clusters if c.ocm]
     return (
         OCMMap(
             clusters=ocm_clusters,
             integration=QONTRACT_INTEGRATION,
-            settings=vault_settings.dict(by_alias=True),
+            settings=vault_settings.model_dump(by_alias=True),
         )
         if ocm_clusters
         # this is a case for an OCP cluster which is not provisioned
@@ -347,7 +347,7 @@ def _populate_tgw_attachments_working_dirs(
     accounts_by_infra_account_name: dict[str, list[dict[str, Any]]] = {}
     for item in desired_state:
         accounts_by_infra_account_name.setdefault(item.infra_acount_name, []).append(
-            item.accepter.account.dict(by_alias=True)
+            item.accepter.account.model_dump(by_alias=True)
         )
     for infra_account_name, accounts in accounts_by_infra_account_name.items():
         ts.populate_additional_providers(infra_account_name, accounts)
@@ -429,7 +429,9 @@ def setup(
     print_to_file: str | None = None,
 ) -> tuple[SecretReaderBase, AWSApi, Terraform, Terrascript]:
     tgw_clusters = desired_state_data_source.clusters
-    all_accounts = [a.dict(by_alias=True) for a in desired_state_data_source.accounts]
+    all_accounts = [
+        a.model_dump(by_alias=True) for a in desired_state_data_source.accounts
+    ]
     account_by_name = {a["name"]: a for a in all_accounts}
     vault_settings = get_app_interface_vault_settings()
     secret_reader = create_secret_reader(vault_settings.vault)
@@ -455,7 +457,7 @@ def setup(
         "",
         thread_pool_size,
         tgw_accounts,
-        settings=vault_settings.dict(by_alias=True),
+        settings=vault_settings.model_dump(by_alias=True),
         default_tags=default_tags,
     )
     tgw_rosa_cluster_accounts = [
@@ -516,7 +518,7 @@ def run(
 ) -> None:
     desired_state_data_source = _fetch_desired_state_data_source(account_name)
     tgw_accounts = [
-        a.dict(by_alias=True)
+        a.model_dump(by_alias=True)
         for a in _filter_tgw_accounts(
             desired_state_data_source.accounts, desired_state_data_source.clusters
         )
@@ -573,7 +575,7 @@ def early_exit_desired_state(*args: Any, **kwargs: Any) -> dict[str, Any]:
     desired_state = _fetch_desired_state_data_source()
     for a in desired_state.accounts:
         a.deletion_approvals = []
-    return desired_state.dict(by_alias=True)
+    return desired_state.model_dump(by_alias=True)
 
 
 def desired_state_shard_config() -> DesiredStateShardConfig:

reconcile/terraform_vpc_resources/integration.py

@@ -162,7 +162,9 @@ class TerraformVpcResources(QontractReconcileIntegration[TerraformVpcResourcesPa
             logging.debug("No VPC requests found, nothing to do.")
             sys.exit(ExitCodes.SUCCESS)
 
-        accounts_untyped: list[dict] = [acc.dict(by_alias=True) for acc in accounts]
+        accounts_untyped: list[dict] = [
+            acc.model_dump(by_alias=True) for acc in accounts
+        ]
         try:
             default_tags = get_settings().default_tags
         except ValueError:

reconcile/typed_queries/cost_report/app_names.py

@@ -6,7 +6,7 @@ from reconcile.utils.gql import GqlApi
 
 class App(BaseModel):
     name: str
-    parent_app_name: str | None
+    parent_app_name: str | None = None
 
 
 def get_app_names(

reconcile/typed_queries/cost_report/cost_namespaces.py

@@ -13,7 +13,7 @@ class CostNamespace(BaseModel, frozen=True):
     labels: CostNamespaceLabels
     app_name: str
     cluster_name: str
-    cluster_external_id: str | None
+    cluster_external_id: str | None = None
 
 
 def get_cost_namespaces(
@@ -32,7 +32,7 @@ def get_cost_namespaces(
     return [
         CostNamespace(
             name=namespace.name,
-            labels=CostNamespaceLabels.parse_obj(namespace.labels or {}),
+            labels=CostNamespaceLabels.model_validate(namespace.labels or {}),
             app_name=namespace.app.name,
             cluster_name=namespace.cluster.name,
             cluster_external_id=namespace.cluster.spec.external_id

reconcile/typed_queries/saas_files.py

@@ -6,7 +6,6 @@ from typing import Any
 from jsonpath_ng.exceptions import JsonPathParserError
 from pydantic import (
     BaseModel,
-    Extra,
     Field,
     Json,
 )
@@ -51,7 +50,12 @@ from reconcile.utils.json import json_dumps
 from reconcile.utils.jsonpath import parse_jsonpath
 
 
-class SaasResourceTemplateTarget(ConfiguredBaseModel):
+class SaasResourceTemplateTarget(
+    ConfiguredBaseModel,
+    validate_by_alias=True,
+    # ignore `namespaceSelector` and 'provider' fields from the GQL schema
+    extra="ignore",
+):
     path: str | None = Field(..., alias="path")
     name: str | None = Field(..., alias="name")
     # the namespace must be required to fulfill the saas file schema (utils.saasherder.interface.SaasFile)
@@ -79,12 +83,8 @@ class SaasResourceTemplateTarget(ConfiguredBaseModel):
             digest_size=20,
         ).hexdigest()
 
-    class Config:
-        # ignore `namespaceSelector` and 'provider' fields from the GQL schema
-        extra = Extra.ignore
-
 
-class SaasResourceTemplate(ConfiguredBaseModel):
+class SaasResourceTemplate(ConfiguredBaseModel, validate_by_alias=True):
     name: str = Field(..., alias="name")
     url: str = Field(..., alias="url")
     path: str = Field(..., alias="path")
@@ -97,7 +97,7 @@ class SaasResourceTemplate(ConfiguredBaseModel):
     targets: list[SaasResourceTemplateTarget] = Field(..., alias="targets")
 
 
-class SaasFile(ConfiguredBaseModel):
+class SaasFile(ConfiguredBaseModel, validate_by_alias=True):
     path: str = Field(..., alias="path")
     name: str = Field(..., alias="name")
     labels: Json | None = Field(..., alias="labels")
@@ -221,7 +221,7 @@ class SaasFileList:
             with self._namespaces_as_dict_lock:
                 self._namespaces_as_dict_cache = {
                     "namespace": [
-                        ns.dict(by_alias=True, exclude_none=True)
+                        ns.model_dump(by_alias=True, exclude_none=True)
                         for ns in self.namespaces
                     ]
                 }
@@ -283,7 +283,7 @@ class SaasFileList:
             if app_name and saas_file.app.name != app_name:
                 continue
 
-            sf = saas_file.copy(deep=True)
+            sf = saas_file.model_copy(deep=True)
             if env_name:
                 for rt in sf.resource_templates[:]:
                     for target in rt.targets[:]:
@@ -314,7 +314,7 @@ def convert_parameters_to_json_string(root: dict[str, Any]) -> dict[str, Any]:
 
 
 def export_model(model: BaseModel) -> dict[str, Any]:
-    return convert_parameters_to_json_string(model.dict(by_alias=True))
+    return convert_parameters_to_json_string(model.model_dump(by_alias=True))
 
 
 def get_saas_files(

reconcile/typed_queries/status_board.py

@@ -32,7 +32,7 @@ def get_selected_app_names(
             prefix = f"{namespace.app.parent_app.name}-"
         name = f"{prefix}{namespace.app.name}"
         selected_app_names.add(name)
-        app = namespace.app.dict(by_alias=True)
+        app = namespace.app.model_dump(by_alias=True)
         app["name"] = name
         apps["apps"].append(app)
 
@@ -40,7 +40,7 @@ def get_selected_app_names(
             name = f"{namespace.app.name}-{child.name}"
             if name not in selected_app_names:
                 selected_app_names.add(f"{namespace.app.name}-{child.name}")
-                child_dict = child.dict(by_alias=True)
+                child_dict = child.model_dump(by_alias=True)
                 child_dict["name"] = name
                 apps["apps"].append(child_dict)
 

reconcile/unleash_feature_toggles/integration.py

@@ -31,7 +31,7 @@ QONTRACT_INTEGRATION_VERSION = make_semver(1, 0, 0)
 
 
 class UnleashTogglesIntegrationParams(PydanticRunParams):
-    instance: str | None
+    instance: str | None = None
 
 
 def feature_toggle_equal(c: FeatureToggle, d: FeatureToggleUnleashV1) -> bool:
@@ -68,7 +68,9 @@ class UnleashTogglesIntegration(
         if not query_func:
             query_func = gql.get_api().query
         return {
-            "toggles": [ft.dict() for ft in self.get_unleash_instances(query_func)],
+            "toggles": [
+                ft.model_dump() for ft in self.get_unleash_instances(query_func)
+            ],
         }
 
     def get_unleash_instances(

reconcile/utils/acs/base.py

@@ -6,7 +6,7 @@ from typing import (
 )
 
 import requests
-from pydantic import BaseModel
+from pydantic import BaseModel, ConfigDict
 
 from reconcile.gql_definitions.acs.acs_instances import AcsInstanceV1
 from reconcile.gql_definitions.acs.acs_instances import query as acs_instances_query
@@ -19,8 +19,11 @@ class AcsBaseApi(BaseModel):
     timeout: int = 30
     session: requests.Session = requests.Session()
 
-    class Config:
-        arbitrary_types_allowed = True
+    model_config = ConfigDict(
+        validate_by_name=True,
+        validate_by_alias=True,
+        arbitrary_types_allowed=True,
+    )
 
     def __enter__(self) -> Self:
         return self

reconcile/utils/acs/policies.py

@@ -11,7 +11,7 @@ class Scope(BaseModel):
     """
 
     cluster: str
-    namespace: str | None
+    namespace: str | None = None
 
 
 class PolicyCondition(BaseModel):
@@ -23,7 +23,7 @@ class PolicyCondition(BaseModel):
     """
 
     field_name: str
-    negate: bool | None
+    negate: bool | None = None
     values: list[str]
 
 

reconcile/utils/aws_api.py

@@ -3,7 +3,6 @@ from __future__ import annotations
 import logging
 import operator
 import os
-import re
 from functools import lru_cache
 from threading import Lock
 from typing import (
@@ -25,6 +24,7 @@ import reconcile.utils.lean_terraform_client as terraform
 from reconcile.utils.secret_reader import SecretReader, SecretReaderBase
 
 if TYPE_CHECKING:
+    import re
     from collections.abc import (
         Iterable,
         Iterator,
@@ -1074,28 +1074,40 @@ class AWSApi:
         return [rt["RouteTableId"] for rt in vpc_route_tables]
 
     @staticmethod
-    def _filter_amis(
-        images: Iterable[ImageTypeDef], regex: str
-    ) -> list[dict[str, Any]]:
-        results = []
-        pattern = re.compile(regex)
-        for i in images:
-            if not re.search(pattern, i["Name"]):
-                continue
-            if i["State"] != "available":
-                continue
-            item = {"image_id": i["ImageId"], "tags": i.get("Tags", [])}
-            results.append(item)
+    def normalize_tags(tags: Iterable[TagTypeDef]) -> dict[str, str]:
+        return {tag["Key"]: tag["Value"] for tag in tags}
 
-        return results
+    @staticmethod
+    def _filter_amis(
+        images: Iterable[ImageTypeDef],
+        regex: re.Pattern,
+    ) -> dict[str, dict[str, str]]:
+        return {
+            image["ImageId"]: AWSApi.normalize_tags(image.get("Tags", []))
+            for image in images
+            if regex.search(image["Name"]) and image["State"] == "available"
+        }
 
     def get_amis_details(
         self,
         account: Mapping[str, Any],
         owner_account: Mapping[str, Any],
-        regex: str,
+        regex: re.Pattern,
         region: str | None = None,
-    ) -> list[dict[str, Any]]:
+    ) -> dict[str, dict[str, str]]:
+        """
+        Get AMI details for an account, find AMI name matches regex and state is available.
+        Return ImageId and normalized tags.
+
+        Args:
+            account: AWS account
+            owner_account: AMI owner AWS account uid
+            regex: regex to filter AMI name
+            region: AWS account region
+
+        Returns:
+            dict[str, dict[str, str]]: Key is AMI ImageId, value is AMI normalized tags.
+        """
         ec2 = self._account_ec2_client(account["name"], region_name=region)
         images = self.get_account_amis(ec2, owner=owner_account["uid"])
         return self._filter_amis(images, regex)
@@ -1175,12 +1187,31 @@ class AWSApi:
         client = self._account_cloudwatch_client(account_name, region_name=region_name)
         client.delete_log_group(logGroupName=group_name)
 
-    def create_tag(
-        self, account: Mapping[str, Any], resource_id: str, tag: Mapping[str, str]
+    def create_tags(
+        self,
+        account: Mapping[str, Any],
+        resource_id: str,
+        tags: Mapping[str, str],
     ) -> None:
+        """
+        Create tags on EC2 resources (AMI)
+
+        Args:
+            account: AWS account
+            resource_id: AWS resource id
+            tags: tags to update
+
+        Returns:
+            None
+        """
         ec2 = self._account_ec2_client(account["name"])
-        tag_type_def: TagTypeDef = {"Key": tag["Key"], "Value": tag["Value"]}
-        ec2.create_tags(Resources=[resource_id], Tags=[tag_type_def])
+        formatted_tags: list[TagTypeDef] = [
+            {"Key": k, "Value": v} for k, v in tags.items()
+        ]
+        ec2.create_tags(
+            Resources=[resource_id],
+            Tags=formatted_tags,
+        )
 
     def get_alb_network_interface_ips(
         self, account: awsh.Account, service_name: str

reconcile/utils/aws_api_typed/organization.py

@@ -52,9 +52,11 @@ class AwsOrganizationOU(BaseModel):
 class AWSAccountStatus(BaseModel):
     id: str = Field(..., alias="Id")
     name: str = Field(..., alias="AccountName")
-    uid: str | None = Field(alias="AccountId")
+    uid: str | None = Field(None, alias="AccountId")
     state: str = Field(..., alias="State")
-    failure_reason: CreateAccountFailureReasonType | None = Field(alias="FailureReason")
+    failure_reason: CreateAccountFailureReasonType | None = Field(
+        None, alias="FailureReason"
+    )
 
 
 class AWSAccount(BaseModel):

reconcile/utils/deadmanssnitch_api.py

@@ -26,7 +26,7 @@ class Snitch(BaseModel):
     interval: str
     alert_type: str
     alert_email: list[str]
-    vault_data: str | None
+    vault_data: str | None = None
 
     def needs_vault_update(self) -> bool:
         return self.vault_data is not None and self.check_in_url != self.vault_data

reconcile/utils/early_exit_cache.py

@@ -5,7 +5,7 @@ from functools import cached_property
 from typing import Any, Self
 
 from deepdiff import DeepHash
-from pydantic import BaseModel
+from pydantic import BaseModel, ConfigDict
 
 from reconcile.utils.datetime_util import utc_now
 from reconcile.utils.secret_reader import SecretReaderBase
@@ -17,7 +17,7 @@ CACHE_SOURCE_DIGEST_METADATA_KEY = "cache-source-digest"
 LATEST_CACHE_SOURCE_DIGEST_METADATA_KEY = "latest-cache-source-digest"
 
 
-class CacheKeyWithDigest(BaseModel):
+class CacheKeyWithDigest(BaseModel, frozen=True):
     integration: str
     integration_version: str
     dry_run: bool
@@ -70,9 +70,6 @@ class CacheKeyWithDigest(BaseModel):
             args.append(f"--shard {self.shard}")
         return " ".join(args)
 
-    class Config:
-        frozen = True
-
 
 class CacheKey(BaseModel):
     integration: str
@@ -122,9 +119,10 @@ class CacheKey(BaseModel):
         """
         return self.cache_key_with_digest.build_cli_delete_args()
 
-    class Config:
-        frozen = True
-        keep_untouched = (cached_property,)
+    model_config = ConfigDict(
+        frozen=True,
+        ignored_types=(cached_property,),
+    )
 
 
 class CacheValue(BaseModel):
@@ -168,7 +166,7 @@ class EarlyExitCache:
 
     def get(self, key: CacheKey) -> CacheValue:
         value = self.state.get(str(key))
-        return CacheValue.parse_obj(value)
+        return CacheValue.model_validate(value)
 
     def set(
         self,
@@ -194,7 +192,7 @@ class EarlyExitCache:
         }
         self.state.add(
             str(key),
-            value.dict(),
+            value.model_dump(),
             metadata=metadata,
             force=True,
         )

reconcile/utils/gitlab_api.py

@@ -263,13 +263,13 @@ class GitLabApi:
         # we can determine if a pending MR exists based on the title
         return any(mr.title == title for mr in mrs)
 
-    @retry()
+    @retry(no_retry_exceptions=(RuntimeError,))
     def get_project_maintainers(
         self, repo_url: str | None = None, query: dict | None = None
-    ) -> list[str] | None:
+    ) -> list[str]:
         project = self.project if repo_url is None else self.get_project(repo_url)
         if project is None:
-            return None
+            raise RuntimeError("project not found")
         members = project.members_all.list(iterator=True, query_parameters=query or {})
         return [m.username for m in members if m.access_level >= 40]
 
@@ -826,14 +826,16 @@ class GitLabApi:
         )
 
     def get_commit_sha(self, ref: str, repo_url: str) -> str:
-        project = self.get_project(repo_url)
+        if not (project := self.get_project(repo_url)):
+            raise ValueError(f"Project not found for repo_url: {repo_url}")
         commits = project.commits.list(ref_name=ref, per_page=1, page=1)
         return commits[0].id
 
     def repository_compare(
         self, repo_url: str, ref_from: str, ref_to: str
     ) -> list[dict[str, Any]]:
-        project = self.get_project(repo_url)
+        if not (project := self.get_project(repo_url)):
+            raise ValueError(f"Project not found for repo_url: {repo_url}")
         response: Any = project.repository_compare(ref_from, ref_to)
         return response.get("commits", [])